Google Will Label HTTP Sites with Forms as “Non-Secure” in October

By Peter Roesler

President, Web Marketing Pros

For a little over a year now, Google has been heavily pushing website to move to more secure HTTPS servers. Google has yet to go the route they went with mobile friendliness and create an entirely new ranking factor. However, they are making changes to Chrome that make it more important for websites to be on an HTTPS server.

In this situation, Google is using the power and popularity of the Chrome Browser. As they first warned several months ago, certain sites that don’t use HTTPS will be labeled as “Non-Secure” in the address bar of Chrome browsers.

Google first started doing this labelling for ecommerce sites and other websites that handled a lot of data. HTTPS prevents “man-in-the-middle” attacks where customer data can be intercepted by a third-party. The upcoming HTTPS-related change will extend the “Non-Secure” label to pages that have user forms that are submitted over HTTP

In an email to webmasters, Google warned, “Beginning in October 2017, Chrome will show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.”

The focus on forms reflects a sobering truth about data security on many websites. Many websites collect a lot of information about their users. If that data isn’t submitted with a secure connection, it can be intercepted and used by a third party. Even if the data isn’t credit card numbers and social security information, savvy online fraudsters can make good use of the simple data that’s being leaked out by unsecure websites, such as common usernames and passwords.

Google’s announcement may seem to imply that some websites won’t be affected by the October change, but that’s not really true. If the Non-Secure label will go on any page with a form on an HTTP server, any page with any kind of contact form or search tool will find themselves labeled Non-Secure.

Website owners need to understand that they will have to make the change to HTTPS eventually. If not to maintain the confidence of consumers, the site will have to make the change in order to stay in Google’s good graces.

Even in the email to webmasters warning about the October change, Google clearly states, “The new warning is part of long term plan to mark all pages served over HTTP as Non-Secure.”

While it may seem a little annoying at first to have to change servers, the change will benefit from the effort. The past few years have seen an ever-increasing string of online security breaches. Many consumers are aware that the data they enter into websites, if not properly secured, can be used by other people in a variety of ways. Giving website visitors the assurance that the information they are entering is secure will keep them on a site and using the features to the fullest.

Switching from a HTTP to an HTTPS server isn’t the hardest thing in the world and can be handled relatively quickly. With a hard October deadline for HTTPS changes, website owners may want to consider hiring professionals to handle the work immediately.